OAuth2 Google、Github自定义登录页面
1.0概要
如何使用Google或Github账号登录web应用 页面模板使用thymeleaf,没有前后端分离。如果有前后端分离的需求,只需要修改Controller代码即可,视频里有说。
代码行间里都有注释说明。
过去,看过我的视频或公众号,基本上都会写了,八九不离十。看得懂代码又懒得写。就在这里下载吧
2.0代码
2.1Maven依赖
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.webjars</groupId>
<artifactId>bootstrap</artifactId>
<version>4.5.3</version>
</dependency>
<dependency>
<groupId>org.webjars</groupId>
<artifactId>jquery</artifactId>
<version>3.5.1</version>
</dependency>
<dependency>
<groupId>org.webjars</groupId>
<artifactId>webjars-locator</artifactId>
<version>0.40</version>
</dependency>
2.2控制类
LoginController.java
package com.example.googlegithubcustomoauth2;
import lombok.extern.log4j.Log4j2;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.ResolvableType;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import java.util.HashMap;
import java.util.Map;
@Controller
@Log4j2
public class LoginController {
private final ClientRegistrationRepository clientRegistrationRepository;
public LoginController(ClientRegistrationRepository clientRegistrationRepository) {
this.clientRegistrationRepository = clientRegistrationRepository;
}
/**
* 自定义登录页面
* @param model
* @return
*/
@GetMapping("/oauth2_login")
public String login(Model model){
model.addAttribute("urls", getOAuth2AuthenticationUrls());
return "oauth2_login";
}
/**
* 登录成功调转页面
* 如果在浏览器中输入 http://localhost:8080/admin 然后登录成功后
* 系统会自动调转到 /admin 页面,而不是 /loginSuccess
* @return
*/
@GetMapping("/loginSuccess")
public String loginSuccess(){
return "loginSuccess";
}
/**
* 登录失败调转页面
* @return
*/
@GetMapping("/loginFailure")
public String loginFailure(){
return "loginFailure";
}
}
MessageController.java
package com.example.googlegithubcustomoauth2;
import lombok.extern.log4j.Log4j2;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
/**
* Message 控制器
*/
@RestController
@Log4j2
public class MessageController {
@GetMapping("/")
public String hello(){
return "Hello Google Github.";
}
@GetMapping("/guest")
public String guest(){
return "Hello Guest.";
}
/**
* 获取Google或Github返回的用户信息
* @param principal
* @return
*/
@GetMapping("/admin")
public OAuth2User admin(@AuthenticationPrincipal OAuth2User principal){
return principal;
}
}
2.3配置类
SecurityConfig.java
package com.example.googlegithubcustomoauth2;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
/**
* Security配置信息
*/
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/**").authorizeRequests()
//设置访问资源文件权限
.antMatchers("/webjars/**").permitAll()
//设置指定url访问权限
.antMatchers("/", "/guest","/oauth2_login").permitAll()
.anyRequest().authenticated()
.and()
//明确oath2登录
.oauth2Login()
//登录页面
.loginPage("/oauth2_login")
//登录成功后调转页面
//如果在浏览器中输入 http://localhost:8080/admin 然后登录成功后,系统会自动调转到 /admin 页面,而不是 /loginSuccess
//如果输入http://localhost:8080/oauth2_login,登录成功后,才会调转到/loginSuccess
.defaultSuccessUrl("/loginSuccess")
//登录失败调转页面
.failureUrl("/loginFailure");
}
}
WebConfig.java
package com.example.googlegithubcustomoauth2;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
/**
* MVC配置信息
*/
@Configuration
class WebConfig implements WebMvcConfigurer {
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry
.addResourceHandler("/webjars/**")//添加webjar资源文件bootstrap、jquery等...
.addResourceLocations("/webjars/")//资源文件开始路径“/webjars/”
.resourceChain(false);//是否缓存资源文件
}
}
5.0运行
http://localhost:8080/oauth2_login 或 http://localhost:8080/admin
本文使用 mdnice 排版